Beruflich Dokumente
Kultur Dokumente
Security
Chapter 1 Introduction
CSS Chapter 1
04/15/15
Background
Information security requirements have changed in
recent times
Traditionally provided by physical and administrative
mechanisms
Computer use requires automated tools to protect files
and other stored information
Use of networks and communications links requires
measures to protect data during transmission
CSS Chapter 1
04/15/15
Definitions
Computer Security - generic name for
CSS Chapter 1
04/15/15
Aim of Course
Our focus is on internet security
Which consists of measures to deter, prevent, detect,
CSS Chapter 1
04/15/15
Security Trends
CSS Chapter 1
04/15/15
security requirements
For us it provides a useful, if abstract, overview of concepts
we will study
CSS Chapter 1
04/15/15
Aspects of Security
Consider 3 aspects of information security:
Security attack
Security mechanism
Security service
CSS Chapter 1
04/15/15
Security Attack
Any action that compromises the security of information
owned by an organization
Information security is about how to prevent attacks, or
failing that, to detect attacks on information-based
systems
Often threat & attack used to mean same thing
Have a wide range of attacks
Can focus of generic types of attacks
Passive
Active
8
CSS Chapter 1
04/15/15
Passive Attacks
CSS Chapter 1
04/15/15
Active Attacks
10
CSS Chapter 1
04/15/15
Security Service
Enhance security of data processing systems and
11
CSS Chapter 1
04/15/15
Security Services
X.800:
12
CSS Chapter 1
04/15/15
13
CSS Chapter 1
04/15/15
Security Mechanism
Feature designed to detect, prevent, or recover from a
security attack
No single mechanism that will support all services
required
However one particular element underlies many of the
security mechanisms in use:
Cryptographic techniques
Hence our focus on this topic
14
CSS Chapter 1
04/15/15
15
CSS Chapter 1
04/15/15
16
CSS Chapter 1
04/15/15
17
CSS Chapter 1
04/15/15
18
CSS Chapter 1
04/15/15
19
CSS Chapter 1
04/15/15
Summary
Have considered:
Definitions for:
Computer, network, internet security
X.800 standard
Security attacks, services, mechanisms
Models for network (access) security
20
CSS Chapter 1
04/15/15